CVE-2026-54224

Summary

UBB.threads is vulnerable to Denial of Service (DoS). By sending multiple concurrent requests to view any user profile on instances with many registered users, an authenticated attacker can easily exhaust database resources and completely deny access to the application for other users. Because vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 7.7.5 but may also affect other versions.

Affected Software

VendorProductVersion RangeStatus
UBB SystemsUBB.threads0 <= 7.7.5affected

Weaknesses

  • CWE-405: CWE-405 Asymmetric Resource Consumption (Amplification)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References